push-notification plugin and imap-metadata permissions

Giovanni S. Fois giovanni at giovannisfois.net
Fri Apr 22 12:17:30 UTC 2016 

Ultra short version:

Why cant I set the following mailbox metadata key?
/private/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/http-notify

Let me explain the context:

I'm using the Dovecot version 2.23.1, but the same happens for the 2.2.22

The push-notification plugin is supposed to send out a notification whenever
a mailbox get a new email message.

In order to tell if a mailbox is enabled to send out the notification, the plugin
looks out for the following mailbox metadata key:
/private/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/http-notify

If the key is set then everything is OK and the notification is sent, otherwise the
action is skipped.

If I try to setup the metadata key by hand (telnet as the user over the imap port):
setmetadata INBOX (/private/vendor/vendor.dovecot/pvt/server/vendor/vendor.dovecot/http-notify 
"user=myuser at mydomain.com")

I get the error message: "Internal mailbox attributes cannot be accessed"

Digging in the Dovecot 2.2.22 sources i found that:

This string is from lib-imap-storage/imap-metadata.c - line 36 - Dovecot 2.2.22
The message is triggered by the following condition - same file - line 125  - Dovecot 2.2.22

if (strncmp(*key_r, MAILBOX_ATTRIBUTE_PREFIX_DOVECOT_PVT,
                     strlen(MAILBOX_ATTRIBUTE_PREFIX_DOVECOT_PVT)) == 0) {

So the path pvt/server appears to be forbidden.

But, in the file lib-storage/mailbox-attribute.h we can read the following comment:

/* User can get/set all non-pvt/ attributes and also pvt/server/
    (but not pvt/server/pvt/) attributes. */

And, after said comment there is the definition of the macro 
MAILBOX_ATTRIBUTE_KEY_IS_USER_ACCESSIBLE(key)
which has the same basic function of the condition in imap-metadata.c , but in this case
the same imap key is seen as accessible.

Now my questions:

Can we use a negated version of MAILBOX_ATTRIBUTE_KEY_IS_USER_ACCESSIBLE(key) in imap-metadata?
How can the push-notification plugin work out-of-the-box without changes and recompilation?

Thank you for your valuable time and forgive me if I'm posing a dumb question.

Best wishes,
Giovanni S. Fois

More information about the dovecot mailing list